Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/BfHKYYA290ikSwOEtI9VDe6PPFU.roa
File: BfHKYYA290ikSwOEtI9VDe6PPFU.roa (raw, json)
Hash identifier: HYHfloD/EOcYLr0bT/K8F9D1VFs4XWbLASy9mcjg4kc=
Subject key identifier: 05:F1:CA:61:80:36:F7:48:A4:4B:03:84:B4:8F:55:0D:EE:8F:3C:55
Certificate issuer: /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial: 0191B2908A37B724D7972F7A23D0AC7E5AC8
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/BfHKYYA290ikSwOEtI9VDe6PPFU.roa
Signing time: Mon 02 Sep 2024 11:48:22 +0000
ROA not before: Mon 02 Sep 2024 11:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 5.250.255.0/24 maxlen: 24
185.123.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:90:8a:37:b7:24:d7:97:2f:7a:23:d0:ac:7e:5a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Validity
Not Before: Sep 2 11:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05f1ca618036f748a44b0384b48f550dee8f3c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f0:99:b9:93:91:8c:e2:71:a4:2d:62:af:79:
1f:4e:14:a8:40:a6:e2:09:a1:91:ce:8f:22:f0:10:
9b:d3:21:c6:0b:7d:3b:ca:40:c9:41:d8:65:e6:4a:
93:32:15:90:de:b3:3f:c0:de:70:bc:77:bf:be:88:
f2:b4:a2:8b:5e:fd:05:4b:44:0e:81:1a:dd:a4:c0:
dd:a0:34:c8:7a:97:f8:5b:67:9d:af:2a:26:35:9b:
6c:2f:37:8f:b7:b3:77:c6:41:1c:e2:1f:35:d9:88:
90:6f:5b:96:0e:6c:b1:f5:8d:59:95:3d:c9:43:94:
25:cc:93:41:e2:31:ef:96:86:ac:21:16:3a:7f:c2:
31:97:d1:89:02:3d:bc:db:84:5a:70:c6:dc:b9:1c:
c0:49:05:23:68:91:b7:a5:5e:03:70:1a:f1:b2:9f:
b7:34:1f:83:76:95:f8:06:d4:ab:06:89:e8:72:63:
bd:a4:2c:7c:fd:fe:fa:8a:12:ed:dd:f6:48:e6:99:
1b:66:de:89:98:b4:cb:a0:9a:6f:84:c8:b9:92:a4:
2d:52:76:f9:3e:5b:27:08:74:e6:55:e1:e7:95:57:
5b:46:ca:b7:7a:3d:8e:77:55:bf:50:bf:23:10:c9:
41:ff:f2:4e:09:e9:4d:bf:65:26:21:70:1d:3b:47:
ef:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F1:CA:61:80:36:F7:48:A4:4B:03:84:B4:8F:55:0D:EE:8F:3C:55
X509v3 Authority Key Identifier:
keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/BfHKYYA290ikSwOEtI9VDe6PPFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.255.0/24
185.123.54.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:5b:09:a5:c3:34:31:3a:3e:da:8e:23:d7:97:8b:59:fc:23:
61:a3:24:a7:dc:53:68:96:90:4e:70:8c:ce:e1:61:1f:71:49:
c8:b0:b5:e6:0f:7e:4c:d5:cb:3f:0f:61:d9:3c:62:80:80:00:
31:af:7e:90:83:b0:48:77:5e:2f:92:54:bf:e5:3b:9b:28:c7:
d7:2e:5c:e6:f7:64:3a:65:cd:8e:fe:ee:c0:2d:41:6f:fb:09:
2b:af:c9:87:7c:c0:c2:73:aa:ef:89:6f:5f:b1:ad:a0:c7:50:
ff:53:ba:56:53:8a:29:e5:b5:fa:94:7e:9b:b0:cf:b6:c4:10:
b4:19:ba:83:46:d9:e2:18:08:28:fa:87:f1:d4:98:2e:aa:47:
e0:e7:42:ec:46:7e:e9:89:9b:3c:a6:fc:ab:dd:78:f5:d8:2c:
5c:29:2f:fa:c7:f3:87:33:13:0b:e0:39:a4:bb:1a:c1:ec:6c:
f4:94:5f:92:35:39:eb:63:fc:99:d1:1a:e3:32:73:4f:28:d5:
ad:56:de:97:f4:5c:86:cf:90:50:34:45:37:45:0f:0a:0d:79:
57:c4:e4:07:80:a7:39:2d:9b:88:b0:62:23:35:d7:4d:1b:a2:
54:4d:66:2a:20:dd:50:cd:c4:dd:0e:81:30:93:3a:aa:5a:c6:
72:58:6f:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGykIo3tyTXly96I9CsflrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjQwOTAyMTE0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWYxY2E2MTgwMzZmNzQ4YTQ0YjAzODRiNDhmNTUwZGVlOGYzYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPCZuZORjOJxpC1ir3kfThSoQKbi
CaGRzo8i8BCb0yHGC307ykDJQdhl5kqTMhWQ3rM/wN5wvHe/vojytKKLXv0FS0QO
gRrdpMDdoDTIepf4W2edryomNZtsLzePt7N3xkEc4h812YiQb1uWDmyx9Y1ZlT3J
Q5QlzJNB4jHvloasIRY6f8Ixl9GJAj2824RacMbcuRzASQUjaJG3pV4DcBrxsp+3
NB+DdpX4BtSrBonocmO9pCx8/f76ihLt3fZI5pkbZt6JmLTLoJpvhMi5kqQtUnb5
PlsnCHTmVeHnlVdbRsq3ej2Od1W/UL8jEMlB//JOCelNv2UmIXAdO0fvAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXxymGANvdIpEsDhLSPVQ3ujzxVMB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvQmZIS1lZQTI5MGlrU3dPRXRJOVZEZTZQUEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfr/AwQA
uXs2MA0GCSqGSIb3DQEBCwUAA4IBAQDSWwmlwzQxOj7ajiPXl4tZ/CNhoySn3FNo
lpBOcIzO4WEfcUnIsLXmD35M1cs/D2HZPGKAgAAxr36Qg7BId14vklS/5TubKMfX
Llzm92Q6Zc2O/u7ALUFv+wkrr8mHfMDCc6rviW9fsa2gx1D/U7pWU4op5bX6lH6b
sM+2xBC0GbqDRtniGAgo+ofx1Jguqkfg50LsRn7piZs8pvyr3Xj12CxcKS/6x/OH
MxML4DmkuxrB7Gz0lF+SNTnrY/yZ0RrjMnNPKNWtVt6X9FyGz5BQNEU3RQ8KDXlX
xOQHgKc5LZuIsGIjNddNG6JUTWYqIN1QzcTdDoEwkzqqWsZyWG+A
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:35 2025 by rpki-client